DNS Redirect Issue

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
12

DNS Redirect Issue

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
19 Reply
That's the explanation and solution
2014-06-09 16:20:20
Hi all,

The reason of your problem is due to malware infection. Clean your PCs.
Here are 2 url that talks about :
http://www.welivesecurity.com/2014/04/02/win32sality-newest-component-a-routers-primary-dns-changer-named-win32rbrute/
http://kb.eset.sk/esetkb/index?page=content&id=SOLN3530

In the second url above, you can apply a solution from ACL rule. For example, limit the access to the modem from only several administrator addresses.
  0  
  0  
#12
Options
new firmware available
2014-08-21 22:49:05
new firmware available for TD-W8901G v3 (my model)

http://www.tp-link.it/support/download/?model=TD-W8901G&version=V3

Improved security mechanism.
  0  
  0  
#13
Options
Same issue with WD8901GB - no update available
2014-11-26 06:16:30
I have the very same issue described in this thread here - bad DNS server entries in the DHCP offer. Unfortunately, On the download page TD-W8901GB V3, the latest FW is from 2010.

TP-link, please provide a fix!! Otherwise all I can do is trash this router.

As I have discovered this problem just today, a question to the other posters - do you happen to know if this security problem may come with other, possibly worse side effects? For example, could my router password have leaked? Could the attacker have sniffed any unencrypted traffic through the router? Or is it "just" the faked DNS / redirect?
  0  
  0  
#14
Options
"DNSChanger"
2014-11-26 06:21:40
  0  
  0  
#15
Options
TP-Link press release
2014-11-26 06:25:50
There's this TP-LINK press release saying that the issue was fixed. Unfortunately they seem to have forgotten the WD8901GB.
  0  
  0  
#16
Options
Re:DNS Redirect Issue
2014-11-26 11:32:45
W8901G is too old to release a new firmware.
  0  
  0  
#17
Options
W8901G too old?
2014-11-27 03:38:00
Well, I bought mine in January 2012. It was a hot seller on amazon.de those days if I remember correctly. That's less than 3 years life time.
I know 3 years is a lot in the IT industry, yet I had expected to run this device for a few more years. Technically, it's fully up to the job,

With this trojan and without a FW to flash, all I can do with this device is trash it. It's not even supported by OpenWRT, as far as I can see.

Ans as meow81 wrote on Aug 21, there is an update for the W8901G, just not for W8901G B. Being myself in the IT industry, I reckon that it couldn't be that hard or expensive to port the changes from TP-W8901G to TP-W8901GB.
  0  
  0  
#18
Options
Re:DNS Redirect Issue
2014-11-27 11:03:56
Checked on their website. either W8901G or W8901GB is discontinued. In this case, few company will still release a new firmware for such products.
http://www.tp-link.com/en/search/?categoryid=1044&keywords=8901G
  0  
  0  
#19
Options
Re:DNS Redirect Issue
2014-12-11 04:32:10
I got a new router in the mean time.

Everyone else, keep your hands away from TP-W8901GB, even if you can get it cheaply.
  0  
  0  
#20
Options
Related Articles